Ensure that "Monitor JIT Network Access" feature is enabled within your Microsoft Azure cloud account settings so that Azure Security Center can assess if Just-In-Time network access is enabled for your eligible VMs. Just-In-Time (JIT) network access can be used to lock down inbound traffic to your Azure VMs, reducing exposure to different types of attacks while providing easy access to your virtual machines when needed.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure
JIT network access can lock down inbound traffic to your Azure VMs by creating a Network Security Group (NSG) where you select the ports to which inbound traffic will be restricted. This method can be extremely useful for reducing exposure to external attacks. With JIT network access monitoring enabled, Azure Security Center can determine if Just-In-Time network access is enabled for your Azure virtual machines and make the proper recommendations.
To determine if JIT network access monitoring is enabled within Azure Security Center settings, perform the following actions:
Remediation / Resolution
To enable Just-In-Time (JIT) network access monitoring for your Microsoft Azure virtual machines (VMs), perform the following actions:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Enable JIT Network Access Monitoring
Risk level: High